270 likes | 593 Views
Security Strategies in Linux Platforms and Applications Lesson 1 Security Threats to Linux. Learning Objective. Identify threats to the Linux operating system and other open source applications. Key Concepts. Open source software security considerations
E N D
Security Strategies in Linux Platforms and Applications Lesson 1 Security Threats to Linux
Learning Objective • Identify threats to the Linux operating system and other open source applications.
Key Concepts • Open source software security considerations • Impact of laws and regulations on a security policy • Threats to the seven domains of an information technology (IT) infrastructure • Standard methodologies for testing vulnerabilities on Linux and open source applications • Linux in the emerging virtual machine (VM) market
Linux in the Seven Domains • User Domain • Workstation Domain • LAN Domain • WAN Domain
Linux in the Seven Domains (Continued) • LAN-to-WAN Domain • Remote Access Domain • System Domain
Defining the Security Framework Frameworks to Choose From Key Questions to Consider • National Institute of Standards and Technology (NIST) • Certified Information Systems Security Professional (CISSP) 10 Domains • International Organization for Standardization (ISO) 17799 and ISO 27001 • Open Source Security Testing Methodology Manual (OSSTMM) • What are the critical assets and threat agents? • Who would a system compromise impact? • Where are the critical assets located? • When have past security breaches in the industry occurred? • How does legislation and regulations mandate policy? Framework Selection
Responsibilities of a Linux System Administrator • System availability and performance • User access and denial • Maintenance of the integrity of operating system, application, storage files, resources, and data transmission
Tasks of a Linux System Administrator • Tuning performance and making upgrades • Configuring and restoring system • Managing user and group accounts • Deploying, logging, and monitoring • Documenting configurations and processes
Linux in the Market: Quick Facts • Over 90% of the world’s super computers run on Linux. • The servers of New York Stock Exchange and Google run on Linux. • Red Hat and Novell are the top commercial Linux vendors for enterprises. • Linux is predicted to have a 33% smartphone share by 2015.
VM A VM can be a: • Hardware VM or Hypervisor • Type1—runs on native machines • Type2—runs on host operating systems as guest • Application VM • Java VM and Dalvik VM • Adobe Flash Player
Advantages of a Hypervisor • Saves money on hardware and power • Well-positioned for bastion hosts • Makes better use of hardware resources • Easier to manage
Linux in the VM Market • Linux provides a scalable, robust solution to scale many servers in a VM environment without the additional licensing costs. • The relative small size of Linux allows for many instances of VMs to run. • The Linux kernel 2.6.20 has virtualization capabilities built-in with Kernel-based VM (KVM).
Summary • Linux in the seven domains and various open source productivity applications • Facts about the use of Linux in the market • Responsibilities and tasks of a Linux system administrator • Process to define a security framework • Linux in the VM market and various VM software used with Linux